-
Notifications
You must be signed in to change notification settings - Fork 9
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Credential Revocation by holder #14
Labels
Sub-task
A small piece of work that's part of a larger task.
Milestone
Comments
This was referenced Mar 6, 2024
9 tasks
Phil91
added a commit
that referenced
this issue
Apr 26, 2024
* feat(revocation): add endpoints to revoke credentials * add endpoint for issuer to revoke a credential * add endpoint for holder to revoke a credential * add logic to revoke credentials when they are expired * feat(download): add credential download endpoint * chore: adjust statusList Url Refs: #14 #15 #16 #24 --------- Co-authored-by: Norbert Truchsess <[email protected]> Reviewed-by: Norbert Truchsess <[email protected]>
Merged
1 task
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Summary
Revocation request by the holder of the credential.
The revocation itself will be inside the revocation of the issuer since the credential status list is located inside the issuer wallet.
Details
Task: Implement Credential Revocation Interface for Customer
implement a credential revocation interface for customers. This interface will allow customers to revoke their credentials, such as frameworkAgreement or BPN, in case of security concerns or account compromise. The interface should follow the specified requirements:
Revocation Method: Implement a method
revokeCredential
that takes the customer's credential unique identifier to be revoked as input parameters.Validation: Before revoking the credential, validate the customer's identity to ensure that they have the authority to revoke the credential.
To implement this function, we first of all need a new endpoint inside the issuer component which can get called by the holder.
Endpoint:
/api/revocation/credentials/{credentialId}
HTTP Method: POST
Authority: revoce_credential
Validation:
the endpoint can get called by the holder to revoke the credential
The new API Endpoint should support following responses:
DIM WALLET REVOCATION
Endpoint:
/api/v2.0.0/credentials/{credentialId}
HTTP Method: PATCH
Request Headers:
Request Body:
MANDATORY TEST:
try to revoke a credential by the holder of another customer
The text was updated successfully, but these errors were encountered: